package com.example.config;

import com.example.dao.*;
import com.example.entity.URrelation;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.stereotype.Component;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import com.example.entity.User;

/**
 * 描述：
 *
 * @author gnyin
 * @create 2019-01-27-13:57
 */


public class CustomRealm extends AuthorizingRealm {
    @Autowired
    private UserMapper userMapper;
    @Autowired
    private RoleMapper roleMapper;
    @Autowired
    private URrelationMapper uRrelationMapper;
    @Autowired
    private RFrelationMapper rFrelationMapper;
    @Autowired
    private FunctionMapper functionMapper;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("-------权限认证方法--------");
        //获取Shiro Subject中的用户名
        String username = (String) SecurityUtils.getSubject().getPrincipal();
        //通过用户名获取用户角色id
        int userid = userMapper.selectByName(username).getId();
        Integer roleID = uRrelationMapper.selectRoleIDByUserID(userid);
        //通过角色id获取功能id列表
        List<Integer> functionIDList = rFrelationMapper.selectFunctionIDListByRoleid(roleID);
        //通过功能id列表获取功能名称列表
        List<String> functionList = new ArrayList<>();
        functionIDList.forEach(functionid->functionList.add(functionMapper.selectByFunctionID(functionid).getFunctionName()));
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        Set<String> stringSet = new HashSet<>();
        functionList.forEach(function -> stringSet.add(function));
        info.setStringPermissions(stringSet);
        return info;
    }

    /**
     * 注入userService
     * private UserService userService;
     * <p>
     * 获取即将需要认证的信息
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("-------身份认证方法--------");
        String userName = (String) authenticationToken.getPrincipal();
        String userPwd = new String((char[]) authenticationToken.getCredentials());
        //根据用户名从数据库获取密码

        User a = userMapper.selectByName(userName);
        String password = a.getPsd();
        if (userName == null) {
            throw new AccountException("用户名不正确");
        } else if (!userPwd.equals(password )) {
            throw new AccountException("密码不正确");
        }
        return new SimpleAuthenticationInfo(userName, password,getName());
    }
}